OSFI Flashcards

Question

how is diversification risk accounted for regarding MCT insurance risk

Answer 1

- risk factors for each class of insurance contain an implicit diversification credit - this is based on the assumption that insurers have a well-diversified portfolio

Answer 2

margin(LIC) = 1.1 * sum (risk factor * net LIC(issued) excl.RANF - AIC(re held) excl.RANF)

Answer 3

margin(unexpired coverage) = risk factor * max(net unexpired coverage, 30% * net premiums received past 12 months) where net premiums received = premiums received net of associated reinsurance premiums paid

Answer 4

net unexpired coverage = unexpired coverage for insurance contracts issues - unexpired coverage for reinsurance contracts held

Answer 5

unexpired coverage for insurance contracts issued = PV(estimate of future cash flows excluding premium cash flows)

Answer 6

unexpired coverage for insurance contracts issued = (LRC - LC + unamortized insurance acquisition cash flows + unamortized reinsurance commissions + premiums receivable) x ELR + costs

Answer 7

unexpired coverage for reinsurance contracts held = PV(estimate of future cash flows for current and future reinsurance contracts held)

Answer 8

unexpired coverage for reinsurance contracts held = (A + C + P1 + P2) x ELR - (P3 + P4)

Answer 9

- reinsurer won't pay insurer what is owed - mis-assessment of required provision the amount the insurer expects to be paid

Answer 10

portion of loss payable by the policy holder

Answer 11

OSFI must be satisfied of collectability - may require collateral (i.e, lOC from policyholder)

Answer 12

ER = (EPR + ERC) x 1.25 where ERC = ERX - FinRes

Answer 13

model approach: - ERX1 = (East Canada PML500 ^ 1.5 + West Canada PML500 ^ 1.5) ^ (1 / 1.5) standard approach: - ERX3 = max(East Canada PTIV - applicable deductible, West Canada PTIV - applicable deductible)

Answer 14

(IFFERO): - interest rate risk - foreign exchange risk - equity risk - real estate risk - right-of-use asset risk - other market risk

Answer 15

abs(asset duration * asset values - liability duration * liability values) * 1.25%

Answer 16

10% * Canadian dollar value

Answer 17

30% * market value of equities including: - common shares - joint ventures where insurer holds <= 10% ownership interest - futures - forwards - swaps

Answer 18

10% * owner-occupied property + 20% * investment property

Answer 19

margin(credit risk) = asset value * risk factor

Answer 20

the risk factor either: - corresponds to the external credit rating of the counterparty - represents a prescribed factor determined by OSFI

Answer 21

risk exposures that are not listed on a company balance sheet

Answer 22

- structured settlements - LOC(letters of credit) - NOD(non-owned deposit) - derivatives

Answer 23

margin(credit risk for off-balance sheet exposures) = (CEA - eligible collateral) x CCF) x risk factor

Answer 24

CapReq(OpnRisk) = min(30%*CR(0), sum(A components) + max(B components)) where CR(0) = CapReq(I) + CapReq(M) + CapReq(C) A components: - risk factor x CR(0) - risk factor x DWP - risk factor x AWP - risk factor x CWP - risk factor x growth above 20% x (DWP + AWP) / (1 + growth) B components: - risk factor x AWP(ig) - risk factor x CWP(ig) ## Footnote the upper limit dampens operational risk for high-volume, low-complexity businesses

Answer 25

- strategic risk - reputation risk

Answer 26

to dampen operational risk for business that satisfies these conditions - high-volume - low-complexity

Answer 27

- mergers - new lines of business - changes to products or U/W criteria

Answer 28

when unregistered reinsurance goes up -> CapReq(OpnRsk) goes up because: - operational risk depends on insurance and credit risk - and insurance risk goes up because unregistered reinsurance is one of its components

Answer 29

a reduction to capital required recognizing that not all risk categories are likely to suffer their maximum loss simultaneously

Answer 30

enhance insurer's understanding of the relationship between risk profile and capital needs

Answer 31

no, but OSFI will review a company's ORSA as part of its assessment of the company

Answer 32

ERM, ORSA should be well-intergrated so that analysis, results are consistent between them

Answer 33

- risk identification & assessment - relate risk to capital - oversight - monitoring & reporting of risks - internal controls & objective review

Answer 34

identify & assess the materiality of forseeable & emerging risks

Answer 35

- set ICT(internal capital target) using stress-testing techniques - must withstand a specified loss without falling below supervisery capital requirements

Answer 36

senior management responsibiity: should have a good understanding of: - nature and significance of the risk exposures - risk mitigants - risk management methods - capital adequacy

Answer 37

annual reports to Board of Directors & Senior Management on risk profile & capital management

Answer 38

- review for: accuracy, integrity, reasonableness - objective reviewer: internal or external auditor or skilled professional not involved in the ORSA process

Answer 39

Yes and No: - key elements are the same (remember to list them!) - but specifics differ by company depending on risk profile & NSC(nature/scale/complexity) of operations

Answer 40

yes: an important part of ORSA is to set ICT since ICT considers insurer-specific risks

Answer 41

MCT: not specifically part of MCT ORSA: - should be considered in setting ICT - product is sold through a mobile app (this is for the specific question, because it's mentioned in the context)

Answer 42

MCT: part of market risk within ICT ORSA: - should be considered in setting ICT - government bonds are subject to fluctuations in interest rate

Answer 43

MCT: not part of MCT ORSA: - should be considered in setting ICT - company operates in several provinces

Answer 44

equally important

Answer 45

- complex internal model: for complex risks - simple model: with conservative assumptions - qualitative: includes expert judgment for difficul-to-quantify risks

Answer 46

- both are concerned with risk identification & control - both are concerned with capital requirements - both are submitted to BoD & regulators

Answer 47

guidelines: - DCAT: uses CIA SOPs(statement of principles) - ORSA: uses OSFI guidelines methods: - DCAT: quantitative only - ORSA: quantitative & qualitative report: - DCAT: by AA - ORAS: management responsibility

Answer 48

ORSA: - includes all material risks - uses stress-testing to set ICT - qualitative as well as quantitative - admits assessment of internal controls

Answer 49

a risk management technique - to evalualte effects on financial position - due to specified changes in risk factors - corresponding to exceptional but plausible events

Answer 50

- risk: identify & control risk - complement: provide a complement to other risk management tools + simulate shocks - capital management: support capital management - liquidity management: improve liquidity management

Answer 51

- risk id: identify and concentration & interaction of risks - risk control: ajdust individual portfolios & overall business strategy

Answer 52

- test statistical models used to determine VaR - simulate shocks to test model robustness to economic changes

Answer 53

identify severe events and/or compouding events that impact capital managements

Answer 54

assess liquidity profile & adequacy of buffers for institutional & market-wide stresses

Answer 55

company won't have historical data - identify flood risks using stress-testing models - estimate capital required to support flood risk in different scenarios - stress-testing could complement publicly available flood data

Answer 56

BoD: - ultimate responsibility for program - ensures implementation of program by management - should be aware of key findings management: - implement & manage stress-testing program - identify PAS(plausible adverse scenario) - develop & implement risk mitigation strategies ## Footnote Bod set directions and oversight, management follow BoD's decisions and oversight operations

Answer 57

(RUDI): - range of perspectives: -> perspectives: consult economists, actuaries, others -> techniques: qualitative, quantitative - update stress-testing framework regularly: -> monitor effectiveness of framework with qualitative, quantitative measures & update accordingly -> elements of a framework include: docs, data quality, assumptions - docs: provide written docs of assumptions & fundamental elements of scenarios - infrastructure should be flexible -> should allow increase in sensitivity testing in times of rapid change -> should accomodate time horizons for management action

Answer 58

RUDI + includes making risks dynamic and reviewing assumptions more than once a year - focus on program not just scenarios

Answer 59

- scenarios should cover all important business & product lines - create non-historical scenarios(events that haven't happened but could happen) - severe & sustained downturns includes large loses, loss of reputation, legal problems

Answer 60

not appropriate: stress-testing should consider all risks, not just 1 significant risk change: consider operational risk also since call centers & claim adjusters may be overloaded after an earthquake event

Answer 61

not appropriate: earthquakes are low-frequency so lack of prior event does not indicate lack of risk change: use external data to construct earthquake risk models

Answer 62

insurance risk due to claims from earthquake event and market risk due to loss of income from own properties damaged in earthquake event - a comprehensive stress-testing program would reveal these significant & interacting risks

Answer 63

- risk mitigation - s&w(securitization & warehousing) - reputation (reputational risk) - credit risk & counter-party risk - concentration risk

Answer 64

focus 1: - risk mitigation - stress-testing should facilitate development of mitigation & contingency plans focus 2: - reputation risk - if customers don't trust you, you may lose business - if existing customers are not made aware of new flood coverage they may be angry & switch providers

Answer 65

- appropriateness: are scenarios for institution's risk profile - viability: are scenarios included that compromise viability - frequency: is stress-testing frequent enough for timely management action - severe shocks: do scenarios include severe shocks & sustained downturns

Answer 66

scenario-testing: - significant changes to risk factors - observe future state including ripple effects & management actions over a longer time horizon - more complex & comprehensive sensitivity-testing: - incremental changes to risk factors - shock is more immediate & time horizon shorter - simpler fewer resources required

Answer 67

MinCapReq = 100% x BaseCap - capital required to cover risks specified in capital guidelines - if CapAv < MinCapReq then there are critical viability concerns for insurer

Answer 68

SupCapReq = 150% x BaseCap - capital required to cover risks specified in capital guidelines + margin - if CapAv < SupCapReq then insurer is subject to supervisory attention

Answer 69

- a capital target determined by ORSA above supervisery capital target - includes risks specified in capital guidelines and all insurer-specific risks

Answer 70

- gives management time to address issues - captures insurer-specific risks not addressed by industry-wide capital guidelines

Answer 71

- includes insurer-specific risks in capital assessment - assessment uses stress-testing - capital level must withstand a specified level of loss without falling below supervisery capital over specified time horizon

Answer 72

- no, unless planned & certain - also, cannot consider head-office guarantees & other management actions except for setting targets above internal target

Answer 73

if this happens or expected within 2 years, notify OSFI & submit plan to restore capital to internal target level reasonably quickly

Answer 74

federally regulated financial institution

Answer 75

set of relationships among BoD, management, shareholders, other stakeholders

Answer 76

- incentivizes good behavior(i.e,advances company & shareholder interests) - enables monitoring of operations & performance

Answer 77

- BoD: direction-setting, oversight of management - senior management: implement BoD decisions, oversight of operations

Answer 78

- OSFI relies on good corporate governance to support its supervisery role - OSFI required BoD involvement during interventions to determine best corrective actions

Answer 79

- RAS: risk appetitle statement - RL: risk limits - RR: roles/responsibilities of those implementing risk appetite framework

Answer 80

reflects level of risk, and type of risk FRFI is willing to accept to meet business objectives

Answer 81

- relate to short, long-term strategies - includes quanlitative/quantitative measures of risk - forward-looking - consider normal and stressed scenarios

Answer 82

- qualitative: identify significants risks company wants to take/avoid + why - quantitative: measures of ECL(earnings, capital, loss) FRFI is willing to support

Answer 83

risk limits refers to allocations of FRFI's risk appetite statement to: - risk categories (IMCO) - business unit - LOB or product

Answer 84

senior management

Answer 85

CRO: ensures risk limits are consistent with risk appetite statement CRO: provides reports to BoD, senior management assessing risk limits and risk appetite statement internal auditor: ensures compliance with risk appetite framework

Answer 86

(MML): - measure/monitro/limit earthquake exposures

Answer 87

dollar value of loss a major earthquake is unlikely to exceed (loss expected only once per X years)

Answer 88

- gross PML: after deductible, before reinsurance - net pML: after deductible, after reinsurance ## Footnote difference is only before/after reinsurance, both have deductible applied

Answer 89

- risk management - data management - models - PML - financial resources & contingency plan

Answer 90

earthquake exposure risk management policies are overseen by senior management

Answer 91

- data required is more than for traditional ratemaking - must address data integrity, verification, limitations

Answer 92

must understand assumptions, methods, limitations or earthquake models

Answer 93

PML = total expected ultimate cost - includes considerations for data quality, non-modeled exposure, model uncertainty, multi-region exposure

Answer 94

- financial resources: quantification of how financial resources cover pML - contingency plan: how to continue efficient business operations after disaster

Answer 95

- risk appetite and risk tolerance of insurer - data management framework - model assumptions, methods, limitations - calculation of PMLs - nature & adequacy of financial resources - contingency plans supporting the risk - how concentration of exposures is measured & monitored

Answer 96

(DAQKDUP): - Docs: document use of model within risk management program - Alternatives: explain why a particular model is used vs. alternatives - Qualified: need qualified staff to run in-house models regularly - Knowledge: must have knowledge of assumptions, methods, limitations of earthquake model - Data: should provide evidence to show that granularity & quality of data is appropriate - Uncertainty: must understand the impact of uncertainty on capital adequacy & reinsurance requirements - PMLs: if PML(model 1) not equal to PML(model 2) then must explain the differences & any subsequent model adjustments

Answer 97

- make U/W decisions - monitor exposure-accumulations

Answer 98

- use more than 1 model - ensure timely updates of material changes to model within 1 year of change - understand assumptions, methods, limitations of vendor software for PML calculation - if in-house PML model is used, should compare result to alternate models

Answer 99

- compare modeled losses with actual losses - compare tail losses with market price for reinsurance - use global data to supplement limited Canadian earthqake data

Answer 100

may add a margin of safety to the PML estimate ## Footnote basically to account for uncertainty

Answer 101

- exposure growth between date of data & relevant exposure period - consider adequacy of ITV - consider GRC(guaranteed replacement cost) - increased seimicity after large event

Answer 102

- uncertainty associated with conversion from location-specific ground motion to actual damage levels - model assumptions are being continuously updated & refined ## Footnote first point meant, translating the physical measurements to expected damages

Answer 103

may add a margin of safety to the PML estimate

Answer 104

- understates risk for insurers with exposure in both regions - ignores earthquake elsewhere, which could be material

Answer 105

BoD, senior management would report PMLs to OSFI as follows: - Canadian insurers report PMLs based on worldwide exposure - foreign insurers report PMLs based on Canada-wide exposure

Answer 106

- capital & surplus (max 10% of capital & surplus) - resinsurance (most insurers use cat reinsurance) - earthquake reserves calculated as part of MCT - capital marketing financing

Answer 107

when including non-cat reinsurance must consider 'per event' limits and other events that may exhaust coverage

Answer 108

OSFI prior approval is required before recognition as a financial resource under MCT guidelines

Answer 109

limited to a maximum of 10% of capital & surplus

Answer 110

must not exceed countrywide PML 500

Answer 111

- tech investments - audit data - ensure adequate financial resources & contingency plan - measure/monitor/limit earthquake exposure

Answer 112

- file earthquake exposure data form annually - if no material exposure then submit letter stating so

Answer 113

if an insurer has material earthquake exposure: - insurer must submit earthquake risk management policies - must submit FCT report that includes earthquake exposure scenario or provide reason for not including

Answer 114

- for reporting purposes: just submit the standard earthquake exposure data form - for supervisory purposes: must submit comprehensive risk management policies

Answer 115

OSFI may adjust capital or asset requirements or TSR(target solvency ratio)

Answer 116

- implement risk management plan & internal controls - discretion to increase PML from model due to low data quality or model uncertainty - a senior manager reports to all senior management about compliance and the PML

Answer 117

- state compliance with risk management policies except where noted - explain calculation of PML with details of supporting financial resources

Answer 118

oversight of risk management plan & ensuring adequacy of internal controls

Answer 119

main point of contract between FRFI and OSFI -> responsible for maintaining an up-to-date risk assessment of FRFI

Answer 120

- identify material risks - should be forward-looking & allow for early intervention - use sound predictive judgment - understand risk drivers - differentiate between inherent risks & management of those risks - dynamic adjustment - assess whole institution by calculation a CRR(composite risk rating)

Answer 121

- significant activities - inherent risk - quality of risk management - net risk - importance & overall net risk - earnings - capital - liquidity - risk matrix & CRR(composite risk rating)

Answer 122

- anything that is fundamental to the business model (LOB, unit, process,…) - it's the fundamental risk assessment concept within the supervisory framework

Answer 123

- control level 1: operational day-to-day control of significant activities - control level 2: oversight of finance, compliance, actuarial,…

Answer 124

- net risk of significant activity = judgment on inherent risk & quality of risk management - can be low, moderate, above average, high + trend

Answer 125

- risk matrix: records assessment of significant activities and risks - CRR: culmination of assessment can be low, moderate, above average, high

Answer 126

- planning - execution & updating risk profile - reporting & intervention

Answer 127

significant activities

Answer 128

STEP1: identify significant activities STEP2: assess inherent risks and quality of risk management STEP3: calculate net risk for each significant activity STEP4: use risk matrix to assess intervention status and CRR

Answer 129

net risk = high